<?php
session_start();
header('Content-Type:text/html; charset=windows-874');

$username = $_POST['username_login'];
$password = $_POST['password_login'];
$check_type = $_POST['check_type'];

include 'connect.php';

if($check_type == "-1") {

$query = "use eiso ";
$query .= " select * from student_profile ";
$query .= " where student_id = '" . $username . "' ";
$query .= " and student_password = '" . $password . "'";

$result = mssql_query($query);
$check_row = mssql_num_rows($result);

	if($check_row == 1) {
		$rs = mssql_fetch_array($result);
		
		$_SESSION['sess_id'] = session_id();
		$_SESSION['sess_username'] = $username;
     	$_SESSION['sess_name'] = $rs['student_name'];
		$_SESSION['sess_surname'] = $rs['student_surname'];
		$_SESSION['sess_type_login'] = $check_type;
		
		echo $check_row;
	}

} // end check $check_type == "-1"


if($check_type == "1") {

$query = "use eiso ";
$query .= " select * from staff_profile ";
$query .= " where staff_username = '" . $username . "' ";
$query .= " and staff_password = '" . $password . "'";
$query .= " and staff_dep_id = 1";

$result = mssql_query($query);
$check_row = mssql_num_rows($result);

	if($check_row == 1) {
		$rs = mssql_fetch_array($result);
		
		$_SESSION['sess_id'] = session_id();
		$_SESSION['sess_username'] = $username;
     	$_SESSION['sess_name'] = $rs['staff_name'];
		$_SESSION['sess_surname'] = $rs['staff_surname'];
		$_SESSION['sess_type_login'] = $check_type;
		
		echo $check_row;
	}

} // end check $check_type == "1"

if($check_type == "2") {

$query = "use eiso ";
$query .= " select * from staff_profile ";
$query .= " where staff_username = '" . $username . "' ";
$query .= " and staff_password = '" . $password . "'";
$query .= " and staff_dep_id = 2";

$result = mssql_query($query);
$check_row = mssql_num_rows($result);

	if($check_row == 1) {
		$rs = mssql_fetch_array($result);
		
		$_SESSION['sess_id'] = session_id();
		$_SESSION['sess_username'] = $username;
     	$_SESSION['sess_name'] = $rs['staff_name'];
		$_SESSION['sess_surname'] = $rs['staff_surname'];
		$_SESSION['sess_type_login'] = $check_type;
		
		echo $check_row;
	}

} // end check $check_type == "2"

if($check_type == "3") {

$query = "use eiso ";
$query .= " select * from staff_profile ";
$query .= " where staff_username = '" . $username . "' ";
$query .= " and staff_password = '" . $password . "'";
$query .= " and staff_dep_id = 4";

$result = mssql_query($query);
$check_row = mssql_num_rows($result);

	if($check_row == 1) {
		$rs = mssql_fetch_array($result);
		
		$_SESSION['sess_id'] = session_id();
		$_SESSION['sess_username'] = $username;
     	$_SESSION['sess_name'] = $rs['staff_name'];
		$_SESSION['sess_surname'] = $rs['staff_surname'];
		$_SESSION['sess_type_login'] = $check_type;
		
		echo $check_row;
	}

} // end check $check_type == "3"

?>
